Export limit exceeded: 350432 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (29918 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2002-0332 | 1 Xtell | 1 Xtell | 2026-04-16 | N/A |
| Buffer overflows in xtell (xtelld) 1.91.1 and earlier, and 2.x before 2.7, allows remote attackers to execute arbitrary code via (1) a long DNS hostname that is determined using reverse DNS lookups, (2) a long AUTH string, or (3) certain data in the xtell request. | ||||
| CVE-2000-1103 | 1 Bsdi | 1 Bsd Os | 2026-04-16 | N/A |
| rcvtty in BSD 3.0 and 4.0 does not properly drop privileges before executing a script, which allows local attackers to gain privileges by specifying an alternate Trojan horse script on the command line. | ||||
| CVE-2000-1105 | 1 Microsoft | 1 Indexing Service | 2026-04-16 | N/A |
| The ixsso.query ActiveX Object is marked as safe for scripting, which allows malicious web site operators to embed a script that remotely determines the existence of files on visiting Windows 2000 systems that have Indexing Services enabled. | ||||
| CVE-2000-1108 | 1 Midnight Commander | 1 Midnight Commander | 2026-04-16 | N/A |
| cons.saver in Midnight Commander (mc) 4.5.42 and earlier does not properly verify if an output file descriptor is a TTY, which allows local users to corrupt files by creating a symbolic link to the target file, calling mc, and specifying that link as a TTY argument. | ||||
| CVE-2000-1109 | 1 Midnight Commander | 1 Midnight Commander | 2026-04-16 | N/A |
| Midnight Commander (mc) 4.5.51 and earlier does not properly process malformed directory names when a user opens a directory, which allows other local users to gain privileges by creating directories that contain special characters followed by the commands to be executed. | ||||
| CVE-2002-0350 | 1 Hp | 1 Procurve Switch 4000m | 2026-04-16 | N/A |
| HP Procurve Switch 4000M running firmware C.08.22 and C.09.09 allows remote attackers to cause a denial of service via a port scan of the management IP address, which disables the telnet service. | ||||
| CVE-2000-1104 | 1 Microsoft | 2 Internet Information Server, Internet Information Services | 2026-04-16 | N/A |
| Variant of the "IIS Cross-Site Scripting" vulnerability as originally discussed in MS:MS00-060 (CVE-2000-0746) allows a malicious web site operator to embed scripts in a link to a trusted site, which are returned without quoting in an error message back to the client. The client then executes those scripts in the same context as the trusted site. | ||||
| CVE-2000-1110 | 1 Ibm | 1 Net.data | 2026-04-16 | N/A |
| document.d2w CGI program in the IBM Net.Data db2www package allows remote attackers to determine the physical path of the web server by sending a nonexistent command to the program. | ||||
| CVE-2002-0351 | 1 Matt Blaze | 1 Cfs | 2026-04-16 | N/A |
| Buffer overflows in CFS daemon (cfsd) before 1.3.3-8.1, and 1.4x before 1.4.1-5, allow remote attackers to cause a denial of service and possibly execute arbitrary code. | ||||
| CVE-2000-1111 | 1 Microsoft | 1 Windows 2000 | 2026-04-16 | N/A |
| Telnet Service for Windows 2000 Professional does not properly terminate incomplete connection attempts, which allows remote attackers to cause a denial of service by connecting to the server and not providing any input. | ||||
| CVE-2000-1112 | 1 Microsoft | 1 Windows Media Player | 2026-04-16 | N/A |
| Microsoft Windows Media Player 7 executes scripts in custom skin (.WMS) files, which could allow remote attackers to gain privileges via a skin that contains a malicious script, aka the ".WMS Script Execution" vulnerability. | ||||
| CVE-2002-0352 | 1 Phorum | 1 Phorum | 2026-04-16 | N/A |
| Phorum 3.3.2 allows remote attackers to determine the email addresses of the 10 most active users via a direct HTTP request to the stats.php program, which does not require authentication. | ||||
| CVE-2000-1113 | 1 Microsoft | 1 Windows Media Player | 2026-04-16 | N/A |
| Buffer overflow in Microsoft Windows Media Player allows remote attackers to execute arbitrary commands via a malformed Active Stream Redirector (.ASX) file, aka the ".ASX Buffer Overrun" vulnerability. | ||||
| CVE-2006-1582 | 1 Blanknberg | 1 Blanknberg | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in index.php in Blank'N'Berg 0.2 allows remote attackers to inject arbitrary web script or HTML via the _path parameter. NOTE: this might be resultant from the directory traversal issue. | ||||
| CVE-2006-1584 | 1 Juliusz Julas Gonera | 1 Warcraft Iii Replay Parser Php | 2026-04-16 | N/A |
| Unspecified vulnerability in index.php in Warcraft III Replay Parser for PHP 1.8c allows remote attackers to inject arbitrary web script or HTML via the page parameter, possibly related to fopen function calls or file uploads. NOTE: post-disclosure analysis by CVE suggests that the "page" parameter is not used in this product, and "id" might be the affected parameter. | ||||
| CVE-2006-0067 | 1 Vego | 1 Vego Links Builder | 2026-04-16 | N/A |
| SQL injection vulnerability in login.php in VEGO Links Builder 2.00 and earlier allows remote attackers to execute arbitrary SQL commands via the username parameter. | ||||
| CVE-2006-1586 | 1 Internet Solutions Professionals | 1 Site Man | 2026-04-16 | N/A |
| SQL injection vulnerability in admin_login.asp in ISP of Egypt SiteMan allows remote attackers to execute arbitrary SQL commands via the pass parameter. | ||||
| CVE-2006-1595 | 1 Claroline | 1 Claroline | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in document/rqmkhtml.php in Claroline 1.7.4 and earlier allows remote attackers to read arbitrary files via ".." sequences in the file parameter in a rqEditHtml command. | ||||
| CVE-2006-0068 | 1 Primo Place | 1 Primo Cart | 2026-04-16 | N/A |
| SQL injection vulnerability in Primo Cart 1.0 and earlier allows remote attackers to execute arbitrary SQL commands via the (1) q parameter to search.php and (2) email parameter to user.php. | ||||
| CVE-2006-1603 | 1 Phpbb Group | 1 Phpbb | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in profile.php in phpBB 2.0.19 allows remote attackers to inject arbitrary web script or HTML via the cur_password parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | ||||